Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

83 advisories

Loading
Apache Superset has improper default REST API permission for Gamma users Moderate
CVE-2023-36387 was published for apache-superset (pip) Sep 6, 2023
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time... Moderate Unreviewed
CVE-2023-21249 was published Jul 13, 2023
runc AppArmor bypass with symlinked /proc Moderate
CVE-2023-28642 was published for github.com/opencontainers/runc (Go) Mar 30, 2023
ssst0n3
vantage6 vulnerable to Improper Preservation of Permissions Moderate
CVE-2023-22738 was published for vantage6 (pip) Feb 28, 2023
OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions Moderate
CVE-2022-44020 was published for sushy-tools (pip) Oct 30, 2022
fhir-works-on-aws-authz-smart handles permissions improperly Moderate
CVE-2022-39230 was published for fhir-works-on-aws-authz-smart (npm) Sep 21, 2022
Shopware access control list bypassed via crafted specific URLs Moderate
CVE-2022-36102 was published for shopware/shopware (Composer) Sep 16, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch Moderate
CVE-2021-22137 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
joshbressers
ProTip! Advisories are also available from the GraphQL API